Slashdot Mirror
Spam Doubles, Finding New Ways to Deliver Itself
An anonymous reader noted that the times is running a piece on the rise in spam that you might have noticed in your inbox over the last 6 months. Gates promised the end of spam by 2006, but they figure it's doubled in the last few months. And best of all, a huge percentage of spam is now images that circumvent traditional text analysis.
Gates promised the end of spam by 2006. He still has one month to succeed. It is still possible. I'm waiting. I really want to see that. Thanks, Bill.
-- Rastignac was here.
The picture spam not caught by the gmail spam filters that I receive all look very very similar. Randomly generated sentences with buzz words and a "picture text" haussing a certain stock.
I'm very surprised these all come through the gmail spam filter. By now it should be easy to identify them.
Competent sysadmins are expensive, and the idea of, say blocking outbound port 25 would never occur to them, or is brushed-off for stupid reasons.
The only way out is to exerce pressure on those network owners and the best way to do so is by simply blocking them left and right until they are left with nothing but their huge intranets.
Yeah, cuz it's not enough that I can no longer relay e-mail directly from my machine. It's not enough that I now have to have reverse DNS otherwise my e-mail gets rejected. It's not enough that e-mails that aren't SPAM get dropped/flagged. It's not enough that many e-mail providers drop useful attachments and scan so intrusively into them that I need to encrypt them if I want the e-mail delivered.
Let's take away yet more functionality due to spam! That's a great idea. Seriously, I hate SPAM but the zeal to stop it has ruined many useful features of SMTP.
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
"The new breed of spam -- call it Spam 2.0"
No, no, no... please, please don't!
Good to see them documenting the rise of email spamming, but I'm suprised the article doesn't talk more about the spammers who are running amock across websites rather than people's inboxes nowdays. While the problem of email spam is still growing, it has pretty much always been there and the public are fully aware of it (with mainstream services such as Gmail offering spam protection, etc), the huge rise at the moment is the amount of web applications and sites that are being exploited. Take for instance Youtube (with many of the most popular videos having their comment threads spammed hard), or any mainstream forum software (most commonly phpBB), where spam bots are continually developed to get around registration methods (including OCR) and then spam the forum with either their profiles or posts. Not forgetting the guestbook spamming which many of the people behind these use for SEO purposes, so they can get phising or product selling pages to the top of search engines (even if it is for a day or so before they are penalised/blacklisted).
While email spamming is still the main problem, it would be nice to see the mainstream media realise that there is a growing danger in people exploiting community websites nowdays, because all it takes is for one of these operations to install enough spyware/get traffic from sites/top search engines for banking/insurance etc websites, then they will start taking consumer's data faster than spam would - all without the majority of customers realising, because they think the main threat is in their inbox.
Business Voyeur
We can hire the A-Team to come in and stop them.
I pity the fool who litters Mr T's inbox with ads for home equity loans.
Dedicated Cthulhu Cultist since 4523 BC.
Why not use email for what it was meant for?
...
If clients weren't so friendly to "auto show" images this spam would never had existed.
I too send attachments to folks but usually only source files and/or patches (e.g. really small things).
I want my email client to read/write messages, not the "web". It's bad that HTML emails exist
Tom
Someday, I'll have a real sig.
Since about two weeks I am using the image-spam repositories of MSRBL, and of Sanesecurity. Using a cron script to fetch the data and keep Clama's database up-to-date works quite well!
There is a plugin for Spamassassin called Fuzzy OCR. It's false positive rate is pretty low and I haven't seen image spam for weeks.
http://fuzzyocr.own-hero.net/wiki/Downloads
I have had no problems at all using Outlook 2003 with Junk E-mail settings set to high. I have not seen 1 image-spam. However, when I fire up Thunderbird, the image-spam always shows up. I wonder what settings/algorithm MS is using because it works. My corporate E-mail server also blocks all spam. I have not received 1 spam of any type in my office E-mail account.
So is the problem really an increase in spam or incompetent admins who don't know how to setup their filters to block them? Yes, the size & volume of E-mails may have increased, but if you can filter them they will be deleted before they take up space.
We have people who work from home. But I've set them up with email authentication. They can send anything, from anywhere, to anyone, providing that they have signed on with their username and password.
You do it differently?
I know people like to rant about the "spam problem" a lot, but for all practical purposes, the problem has been largely solved for several years now.
If you run reasonable spam filters, including many open source ones, you will not end up with much spam in your inbox. Yeah, there will be lots of spam still being sent, but the real, significant, cost of spam is really mostly people's time, not machines. Any ISP, company or person who gets "too much spam" is simply being penny wise and pound foolish. The same goes for systems that get too may "false positives", that is, legitimate emails being rejected. Almost all of that is due to trying to run "cheap" spam filters, or buying snake-oil systems. Upgrade your mail servers or switch to someone who runs reasonable spam filters.
The "spam problem" of today is really the "you can't do anything about spam" problem. Too many people are convinced that you can't stop spam, so you shouldn't try harder. The problem is low expectations. The problem is people cutting corners.
For email senders having problems getting caught in spam filters, some of this is due to people running bogus spam filters and that is the receiver's problem more than yours. Most of the rest is due to either you not running a standard-compliant mail server on a static IP address that can have a reputation built up for you being a good server, or because you really do send out spam, either due to "bad" customers or backscatter (bogus bounces, challenge/repsonse systems, autoresponders, etc.). Don't be cheap and think you can get away with not running spam filters on your outbound email and catching your "bad" customers. Don't be cheap and spew backscatter. Don't be cheap and say you can't afford to do port 25 blocking of dynamic IP addresses, or not allow customers to configure their reverse DNS.
The vast majority of knowledgable people in the area of spam do not munge their email addresses. The vast majority do not suffer either lots of spam in their inbox nor lots of false positives.
SPF support for most open source mail servers can be found at libspf2.
HTML in e-mail was never standard functionality anyway. E-mail is a text medium, which has grown in some ways without growing the infrastructure to go with it.
HTML e-mails annoy the hell out of me, mainly because for a long time I was quite content to use older e-mail clients that didn't support them. But that's not what I was lamenting.
I was lamenting how anti-spam measures have made e-mail less and less useful. It was drowned out by the righteous replies of "I'll do whatever I want with my mail server". You can do whatever you want with your own server. But I'm allowed to lament the fact that e-mail has become less and less useful.
It seems to me that there is no technological solution to this problem as long as it remains profitable to SPAM. Any technological solution is short lived (i.e: arms race) and will have at least some negative effect. Can't we take away the financial motivation to SPAM? Go after the companies whose products are being sold? The spammer may or may not be offshore or may or may not be using zombies but if that spam message is to be successful then it has to point me at a product. Go after that product!
That's probably naive of me and smarter people then I have attempted to solve this problem. Still, I miss the days when I could just put up an e-mail server and all it had to do was deliver messages to my users. It wasn't the servers job to care about what was in the message -- it was the clients.
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
The problem is mainly that the spammers have an absolutely IMMENSE amount of stolen processing power available to them. Botnets with hundreds of thousands of hosts, and many of those PCs have just as much, if not multiple times more processing power than any common server in your rack. Your mail server is built for reliability and I/O, and has a much longer life cycle than a desktop.
It's nothing for the spammers to analyze a captcha, even if they want to. But for every obfuscated image they send to you, you've got much fewer resources to try and analyze it. Even if you build a monster mail transport (muchos dinaros) they'll just bot a few more idiot machines and overwhelm you.
In fact, that's apparently a new tactic some of the more scummy spammers have been taking. If your filtering/tarpitting is TOO good, they'll just unleash the whole botnet onto you and crash your mail servers until such time as you see that it's better to take their crap than try to fight them. I've seen admins complaining about it on NANAE.
It seems outrageous to say this in relation to something as "unimportant" as email... but I really, truly wish we'd start seeing some fatalities amongst the spammer set.
Brandon Hume
hume -> BOFH.Halifax.NS.Ca, http://WWW.BOFH.Halifax.NS.Ca/
Unfortunately, if you go after the product the spam offers, then it turns into a vehicle to damage a third party. Now when someone doesn't like a company/product, they will pay to have a few millions spam messages sent out, and destroy their competition. Or they will threaten to do the same if said company doesn't pay a large amount of money.
This happens today with email viruses and botnet attacks, and don't think that it wouldn't happen if you attacked products advertised in spam.
It's not up to the recipient, it's up to the recipient's service provider; most recipients have no idea what is or isn't happening to their email before they get it.
And we have lost a tremendous amount of functionality due to SPAM. There was a time not so long ago when I could send to a family member: email with an attached photo, email with an attached document, email sent from my own PC and handled with my own SMTP daemon, email that was only two or three lines long, etc.
Now all of these are likely to be rejected. Even plain text email sent with a large subscription SMTP server is now getting blocked by some friends and family members' service providers simply because the domain of the address (my personal web domain) is not whitelisted and this hits the SPAM score where it hurts. A phone call is great... unless you were hoping to do one of the many useful things you used to be able to accomplish by sending attachments (i.e. send an article you're working on to a friend to have them read it and mark it up with revisions before sending it back).
So I suppose your answer is that we should all get an @gmail.com account, have to use it via the Web interface to send plain-text only email with zero attachments that's at least five but no more than twenty sentences long and doesn't use the words "sex," "free," or "mortgage."
Fine, but don't pretend that email hasn't lost a significant amount of functionality due to SPAM or that these restrictions are being imposed democratically by the consensus of common users. Functionality has indeed been lost and the decisions are made by admins at major email providers trying to save costs and manage the tremendous problem that SPAM has become.
The proper solution isn't to filter more. The proper solution is the death penalty for SPAMmers. I'm quite serious. We execute far too many blue collar criminals in this world and not nearly enough white collar ones. SPAMmers should be first among these.
STOP . AMERICA . NOW
If everyone turned off images, html and anything else, we'd get text only spam instead.
The real problem is authentication in email. While mail servers accept email with any arbitrary 'from' address, this problem will persist.
Two weeks ago we implemented 3-factor greylisting here at the university I work at. We went from delivering 700,000 emails per day to 200,000 after turning it on, which works out to about 10 messages per day, per email box on average... certainly a more realistic number. The response from the users has been great (some even thought that our email system was broken at first because they stopped getting so much noise in their inbox/spam folder, the change was that dramatic).
Naturally, the work-around for spammers is to resend their spams, but they would have to do it from the same IP and with the same envelope from and to address. This means that their army of zombie'd PCs would have to work twice as hard if everyone greylisting was common practice, and likely a require a non-trivial change to the software on these zombies. We'll have to see how it pans out, but after watching my greylist logs and inspecting the spams which do get through, it seems that perhaps a few spammers have already caught on to this, but not all. Most of the spams which do get through our greylisting are subsequently caught by Spamassassin and RBLs, and come from open-relays (those still exist!)
(2) Run *NIX on (at least) one machine in your LAN. (3) Run Sendmail on that machine (or postfix, or whatever MTA you like).
(4) Listen to your wife and kids complain that their family/friends aren't getting e-mails from them.
(5) Correct the configuration on your MTA (oops - mea culpa).
(6) Listen to your wife and kids complain that they're not getting e-mails from their family/friends.
(7) Correct the configuration of your MTA (again).
(8) Listen to your wife and kids complain that they're still getting spammed into oblivion.
(9) Configure mail filters to hold the spam.
(10) Listen to your wife and kids complain that they're missing valid e-mails.
(11) (Repeat steps (8)-(10) recursively until (8) and (10) no longer happen.)
(12) ???
(13) Profit!^H^H^H^H^H^H^HRelax!
We're all frogs being boiled alive because we kept getting used to the temperature as it went up.
When and why did we accept needing elaborate programs to throw away our email before we looked at it? When and why did we accept not being able to send files in email, after spending years defining and implementing MIME?
There have been cities that got so accustomed to street crime that people starting blaming the people who got attacked instead of the criminal. When and why did we get to the point that someone could tell a normal (and savvy) user of email
>You don't have to be a complete fucking tool you're entire life you know.
?
Not that I have a solution, I'd be out getting rich if I did.
Compromise, and whitelist. Anyone can send you plain text emails, but only people you have emailed can send you emails that are anything other than plain text. Since spam filters do pretty well on plain text emails, this should cut down the incoming spam a lot. If someone wants to send you an email containing an attachment and you haven't emailed them before, then all they need to do is first send one saying 'Hi, I want to send you some pictures, is that okay?' If you reply, then the mail server lets them through the next time.
I am TheRaven on Soylent News
You could always try sending spams for free penis pills, and sending cyanide capsules to everyone who responds...
I am TheRaven on Soylent News
And the problem is that it appears to work. For giggles, I've tracked a couple of these stocks. If you don't get too greedy, and get out before the spammers (presumably holders of large blocks of stock) dump, you can actually make a good return.
You should revisit your data, and reread the article. The "problem" is that the scammers buy the stock pre-scam, and dump immediately at the first sign of a price blip. When I plug whichever penny stock into Yahoo, the price spike has always been a day or two in the past by the time my server receives (nevermind by the time I read) the spam touting it, and hasn't lasted more than a few hours.
So if you, as a spam recipient, play along with their stock game, you can make money, while helping drive up the price for the spammers to make their profit.
No you can't, unless you are "lucky" enough to be among the first recipients of the spam, and act upon it immediately. Depending on the number of shares outstanding, it may well be your buy of maybe $500 to $1000 that triggers the scammer's sell order. Face it, this is a total non-starter. Research already suggests that the scammers are only netting about 5%, which means they're doing about as well as a successful day trader, with only a little less effort. Since you will be in a reactive mode, you will be putting in more effort with significantly greater risk.
Luke, help me take this mask off